Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 589 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How / is the built-in 'Support Access' function protected to ensure no-one but Sophos can access?

ptho

Hi All,

I understand that turning Support Access on allows Sophos to connect in for support-related works etc., but is this functionality secured so that only Sophos can make use of this access by way of only accepting connections from known Sophos Support IP addresses, etc.?

Many Thanks



This thread was automatically locked due to age.
Parents
  • 0

    When you enable support access the firewall will create a SSH tunnel over:

    utm@54.228.158.66

    On Port 22.

    Apparently It also creates some temporary files for known hosts, and keys, which are deleted after you disable the support access.

    -o UserKnownHostsFile=/tmp/uma_known_hosts
-i /tmp/uma_host.priv

    Meanwhile when It's creating the SSH Tunnel It will do a port forward of: 

    -L localhost:22022:localhost:4223

    If someone else can dig in to this, I would be grateful. (if you're allowed.)

Reply
  • 0

    When you enable support access the firewall will create a SSH tunnel over:

    utm@54.228.158.66

    On Port 22.

    Apparently It also creates some temporary files for known hosts, and keys, which are deleted after you disable the support access.

    -o UserKnownHostsFile=/tmp/uma_known_hosts
-i /tmp/uma_host.priv

    Meanwhile when It's creating the SSH Tunnel It will do a port forward of: 

    -L localhost:22022:localhost:4223

    If someone else can dig in to this, I would be grateful. (if you're allowed.)

Children